Microsoft CVEs, MITRE ATT&CK, and what Secure by Design Cannot Fix
Did you know that 70% of Microsoft CVEs between 2006-2018 were memory safety bugs? How hardware Secure by Design can help...and how it can't.
sdl
2 posts
Integrating Threat Modeling with DevOps
Because DevOps has effectively joined the Operational and Dev domains, it introduces security dependencies which neither domain had to consider before.